Security interface for a mobile device

ABSTRACT

A method and device are described which provide a security interface, preferably for a mobile device. The security interface provides user-selectable non-secure data that is displayed without the need for a password. The non-secure data is preferably updated on a regular basis, and can be obtained from different sources, as selected by a user. The secure data can be accessed after successful authentication, such as a positive password verification. Additional non-secure data, related to the displayed non-secure data, can preferably be accessed, with or without a need for a password. An indication can be provided to inform a user that secure data has been updated, without the need to access such secure data. The security interface is preferably enabled after a predetermined timeout period. The interface allows the device to operate in three data access states: a controlled access state; a verification state; and a full access state.

CROSS-REFERENCE TO RELATED APPLICATION

[0001] This application claims the benefit of priority from U.S.Provisional Patent Application Serial No. 60/342,135, filed on Dec. 26,2001. This provisional application is hereby incorporated by referencein its entirety.

FIELD OF THE INVENTION

[0002] This invention relates to the field of user interfaces for mobiledevices. In particular this invention relates to controlling user accessfor a mobile device.

BACKGROUND OF THE INVENTION

[0003] Many mobile devices, such as cellular telephones, personaldigital assistants (PDAs), and other handheld computing andcommunicating devices, currently perform numerous and complex functions.Due to the confidential nature of some information or applicationsstored or displayed on such mobile devices, a security feature is oftenprovided to prevent unauthorized access to confidential information.

[0004] In addition to user-initiated security features, most mobiledevices have a security time out after a specified period of time. Whenthis time out period expires, a typical handheld or mobile device mayeither shut down, or a security screen saver application may start. Mostmobile device security screen savers show a minimum amount of staticinformation.

[0005] There is a need to show selected information pertinent to amobile device user when a device security screen saver is active. Thereis a related need to show, on a device security screen saver display,that new or updated information has been received. It is thereforedesirable to provide an apparatus or method that will assist insatisfying these needs.

SUMMARY OF THE INVENTION

[0006] It is an object of the present invention to obviate or mitigateat least one disadvantage of previous security interface, or securitysplash screen arrangements, particularly those provided for use withhandheld or mobile devices.

[0007] According to an aspect of the present invention, there isprovided a mobile device having a user interface, a memory and atransceiver coupled to a processor. The device includes a securityinterface coupled to the processor for facilitating control of useraccess to data stored in the memory. The data stored in the memory hasstored security levels determining secure data and non-secure data, thecontrol being based on the stored security levels. The securityinterface provides user access to the non-secure data, and restrictsaccess to the secure data based on the stored security levels.

[0008] The non-secure data preferably includes user-selected non-securedata, which is preferably automatically updated. The processor and thesecurity interface can co-operate to provide a first state, a secondstate, and a third state. The first state is activated after a period ofinactivity on the device and in which access to the secure data isrestricted and access to the non-secure data is permitted. The secondstate is activated when a user attempts to access the secure data and inwhich security information is requested from a user. The third state isactivated when the security information input by the user is positivelyverified and in which full access to the secure data is granted to theuser.

[0009] The data stored in the device's memory can comprise resourceinformation for a plurality of resources, and can preferably furthercomprise a resource identifier and resource data. The resourceidentifier can be a uniform resource locator (URL). The securityinterface can advantageously provide an indication of a change in thesecure data without a need for authentication. The user interfacepreferably includes a display.

[0010] According to another aspect of the present invention, there isprovided an electronic device having a processor, a user interfacecoupled to the processor, a memory coupled to the processor for storingnon-secure data and secure data, and a communications module coupled tothe processor for updating at least some of the non-secure data and thesecure data. The device includes a security interface coupled to theprocessor for facilitating control of user access to the non-secure dataand the secure data. The non-secure data and the secure data comprise asecurity level and the control is based on stored security levels. Thesecurity interface provides user access to automatically updateduser-selected non-secure data, and restricts access to secure data basedon an authentication process.

[0011] According to yet another aspect of the present invention, thereis provided a security interface for an electronic device having a userinterface, a memory and a communications module coupled to a processor.The security interface includes a first data access module for providingnon-secure data to a user, an input module for receiving input from auser, an authentication module for authenticating received input tocontrol user access to the secure data, and a second data access modulefor providing the secure data to a user following successfulauthentication.

[0012] In the security interface, the non-secure data can includeuser-selected non-secure data, which is preferably automatically updatedvia the communications module. The security interface can furtherinclude a security module for distinguishing between secure data andnon-secure data stored in the memory, preferably based on a storedsecurity level. The first data access module can include an indicationmodule for providing an indication that the secure data has changed. Theuser interface can include a display, with the security interface beingdisplayed on the display. The input module can be coupled to a keyboardfor receiving input therefrom.

[0013] According to a further aspect of the present invention, there isprovided a method of controlling user access to data on a mobile device,the mobile device having a user interface and a memory coupled to theuser interface for storing secure data and non-secure data. The methodincludes the steps of: providing non-secure data via the user interface;authenticating user access to the secure data in response to anauthentication request; and permitting user access to the secure data inresponse to successful authentication.

[0014] The non-secure data can include user-selected non-secure data.The step of authenticating can include the steps of: prompting the userto enter security information in response to a user attempt to accessthe secure information; and comparing the user's security informationwith predetermined security information, which can be a password. Thestep of prompting can include displaying a dialog box on the display,and the step of authenticating can include a timeout period within whicha user is permitted to attempt authentication.

[0015] The user interface preferably includes a display upon which theuser-selected non-secure data is displayed in a security interface. Themethod can further include the step of providing an indication on thedisplay in response to a change in secure data. When the user interfaceincludes a display, the indication can be displayed on a status area ofthe display.

[0016] The non-secure data can be automatically updated, which step canbe performed at regular intervals. In the case of user-selectednon-secure data, the data can include a plurality of user-selectedinformation types, which can originate from a plurality of user-selectedsources.

[0017] Additional non-secure data can be displayed in response to a userrequest for the additional non-secure data. The additional non-securedata preferably relates to the non-secure data previously displayed. Themethod is preferably initiated after a predetermined period ofinactivity on the device, which can be a user-defined timeout periodduring which there is no input on the device.

[0018] A last-accessed screen can be displayed following the step ofpermitting user access to the secure data. A new message can be openedfollowing the step of permitting user access to the secure data when theindication indicates the presence of the new message. The non-securedata can include static information that is not updated.

[0019] Other aspects and features of the present invention will becomeapparent to those ordinarily skilled in the art upon review of thefollowing description of specific embodiments of the invention inconjunction with the accompanying figures.

BRIEF DESCRIPTION OF THE DRAWINGS

[0020] Embodiments of the present invention will now be described, byway of example only, with reference to the attached figures, wherein:

[0021]FIG. 1A is a diagram of an existing security interface for amobile device;

[0022]FIG. 1B is a diagram of the existing security interface with apassword dialog box;

[0023]FIG. 1C is a diagram of an existing user interface screen for amobile device showing an icon ribbon;

[0024]FIG. 1D is a diagram of an existing user interface screen for amobile device showing a message list application;

[0025]FIG. 2 is a diagram illustrating a security interface for a mobiledevice according to an embodiment of the invention;

[0026]FIG. 3 is a diagram showing the security interface of FIG. 2 witha password dialog box;

[0027]FIG. 4 is an alternative embodiment of the security interface ofthe present invention;

[0028]FIG. 5 is diagram showing the alternative embodiment of thesecurity interface with a password dialog box;

[0029]FIG. 6 is a flow diagram showing a method for activating andupdating the security interface according to an embodiment of thepresent invention; and

[0030]FIG. 7 is a block diagram illustrating a mobile device accordingto an embodiment of the present invention, including a securityinterface.

DETAILED DESCRIPTION

[0031] Generally, the present invention provides a method and devicethat provide a security interface, preferably for a mobile device. Thesecurity interface provides user-selectable non-secure data that isdisplayed without the need for a password. The non-secure data ispreferably updated on a regular basis, and can be obtained fromdifferent sources, as selected by a user. The secure data can beaccessed after successful authentication, such as a positive passwordverification. Additional non-secure data, related to the displayednon-secure data, can preferably be accessed, with or without a need fora password. An indication can be provided to inform a user that securedata has been updated, without the need to access such secure data. Thesecurity interface is preferably enabled after a predetermined timeoutperiod. The interface allows the device to operate in three data accessstates: a controlled access state; a verification state; and a fullaccess state.

[0032]FIG. 1A shows an existing security interface, or screen saver, fora user interface on a mobile device. The user interface 4, preferablycomprising a display, preferably exists on a typical mobile device(herein referred to as a device) having an auxiliary input device 6 suchas a thumbwheel, and a keyboard 8. Output to the user is provided viathe user interface, or display 4. Although the user interface will bedescribed below as comprising a display, it is to be understood that theuser interface can additionally comprise any suitable means forfacilitating audio or visual communication of information to and fromthe user.

[0033] In this diagram, a security interface 2, or security screensaver, comprises a box occupying most of the display. Above the box is astatus area 13 that shows device-related information such as the timeand date 14, the signal strength 16, and the battery life 18. The statusarea 13 may also contain such information as reminders, alerts and newmessage count. This known security interface 2 shows very littleinformation. In the example of FIG. 1A, the security interface 2 shows amanufacturer's trademark, a prompt for the user and a copyright notice.The security interface 2 activates after a period of inactivity on thedevice.

[0034]FIG. 1B shows a password dialog box over the security interface.This dialog box 28 appears when a user has initiated some input into thedevice. This input can come from the thumbwheel 6 or the keyboard 8. Theuser is prompted to enter a password in the dialog box 28 at the dialogbox prompt 30 in order to access secure or confidential applications orinformation on the device. In fact, in this case, all information notshown as part of the security screen saver and in the status area istreated as secure or confidential. The password is preferably previouslyset by a user.

[0035]FIG. 1C is a drawing of the device once the user has entered thecorrect password in the dialog box that appears over the securityinterface. The screen is refreshed and shows an icon menu 32. Each icon34 represents a software application available to the user. Using thethumbwheel 6, the user may scroll through the icons and highlight anicon, as indicated at 36, for an application, which the user wishes toutilize. In this example, a Message List icon is highlighted.

[0036]FIG. 1D shows a diagram of an existing user interface screen for amobile device showing a message list 38 generated when the message listapplication is selected and started. New and read messages 40 appear inthe message list 38. The status (new, read) of a message 40 ispreferably indicated using different icons, as shown. The informationshown in FIG. 1D is made available once the user has entered the correctpassword in the dialog box that appears over the security interface.

[0037]FIG. 2 shows an example of a security interface 12 includinguser-selected information according to an embodiment of the presentinvention. The security interface 12 preferably occupies most of thedisplay except for the status area. The status area 13 preferablycontains device-related information 14, 16, 18 (as described in relationto FIG. 1A) as well as an indication that secure information that existsbeyond the security interface 12 has changed. An example of anindication that secure information has changed is shown in FIG. 2 as aregister of new and unread messages 15 that have been received by thedevice. The indication is preferably provided by way of an indicationmodule, which is preferably implemented in software.

[0038] The security interface 12 preferably includes a plurality oftypes of information 20, 22, 24 that a user can select for display,preferably by establishing security configuration settings. The displayof this user-selected non-secure data can be achieved by a data accessmodule, which can be implemented in software. In this example, the userhas chosen to display news headlines 20, financial information 22 suchas stock quotes, and weather updates 24 for the user's chosen region.The user may choose from a plurality of information sources and typesand is not limited to these examples.

[0039] When setting up the security interface 12, the user preferablychooses the information that the user wishes to see when a device timeout occurs. The user also preferably sets a password to deactivate thesecurity interface 12 when the user wishes to access secure data.

[0040] The term secure data is used herein to represent any informationor application that has been identified as confidential or deservingsome degree of restricted access, either by a user selection or by adefault setting. The term non-secure data is used herein to representany information or application that is not secure data.

[0041] The user can choose the source of the non-secure data, or thedevice may have a default source for the chosen data depending on suchcriteria as the user's location. This non-secure information ispreferably updated on a continuous basis over a wireless network inwhich the device is configured to operate. Such an update function canbe implemented by either an information push method to the device or aninformation pull method by the device, or a combination of both methods.For example, stock quotes could be automatically pushed to the device bya server computer operating on the Internet or other network, or thedevice can be configured to periodically submit requests to a newswebsite for current news headlines.

[0042] The user can preferably access additional information related tothe displayed non-secure data on the security interface 12 by scrollingto an item the user wishes to view. For example, the user may wish toview a story associated with a news headline. If the user scrolls to thedesired headline, using the thumbwheel 6, and chooses to access theassociated news story, the device preferably displays the story orpossibly a portion thereof. A password would not be required because theinformation is non-secure.

[0043] In a particular embodiment, the security interface 12 preferablyhas a secure data access area 26. If the user wishes to access thesecure data, security information must first be correctly entered by auser. In the example shown in FIG. 3, the security information is apassword, and is requested from a user via a password dialog box 28,which preferably appears when secure data access area 26 is selected.The user is preferably prompted to enter the user's password in thedialog box 28 at the dialog box prompt 30 in order to access secure orconfidential information and applications on the device. The password ispreferably set by the user when the user sets the options for thesecurity interface. The prompting for the password, and all other stepsrelating to authentication, is preferably performed by an authenticationmodule, which can be implemented in software. An input module, alsopreferably implemented in software, is provided to receive input fromthe user, such as a password entry. Access to, and presentation of, thesecure data is preferably performed by a data access module, which isalso preferably implemented in software.

[0044] In an alternative embodiment, the secure data access area 26 isabsent and access to secure data is achieved by entering a particularinput sequence, such as a predetermined set of keystrokes. As such,although the secure data access area 26 may not appear on the display,access to the secure data is still available after entering theparticular input sequence. The input sequence can preferably beuser-defined for added security. Such an arrangement hides the fact thatsecure data can be accessed on the device, unless the user is aware ofthe functionality. This can prevent unauthorized users from attemptingto access secure data.

[0045] As described above, the status area 13 preferably includes anindication that secure data has changed, such as new message indicator15. A device user can thereby determine whether or not secure dataprotected by the password has changed without having to enter thepassword, thereby saving the user both time and effort to merely checkfor new or updated secure data. Other indicators of changes in securedata on the security interface 12 or in the status area 13 may includeindicators for voice mails, SMS messages, and calendar updates, as wellas other secure data that may be updated.

[0046] In an alternative embodiment, entry of the password is requiredfor the user to access additional information related to the displayednon-secure data on the security interface 12. The dialog box preferablyappears once the user scrolls to an item the user wishes to view.

[0047] When the user has entered a password, the password is verified toensure that it is the correct, previously set device password. Once theentered password is positively verified, then access to the secure datais granted. Otherwise, the user may be prompted to re-enter a password,preferably until either the password is positively verified or the userhas incorrectly entered the password a predetermined number of times. Inthe case of a negative result of password verification after thepredetermined number of tries, the user may be prevented from accessingsecure data for a predetermined period of time, or until a particularaction is taken. This is common in GSM devices, where a SIM card can beused to lock out access to a device after repeated incorrect passwordentry.

[0048]FIG. 4 shows another embodiment of the security interface. In thisembodiment, access to all information not shown on the securityinterface or status area on the device is restricted. If the user wereto select an information item 20, 22, 24 on the security interface thatthe user wishes to explore further, then the password dialog box 28would preferably appear as shown in FIG. 5. Therefore, in thisembodiment, additional information related to non-secure data is treatedas secure data. The password dialog box 28 would also appear if the userwished to access secure data, such as any new received messagesindicated by the message indicator 15, and software applications.

[0049]FIG. 6 is a flow diagram showing a method for activating andupdating the security interface. A device preferably has a time outsecurity feature. This feature may be enabled and disabled by the userand allows the device to enter a first state, or controlled accessstate. In this first state, access to secure data on the device iscontrolled after a period of time elapses in which there is no activityon the device, e.g. no user input. This timeout period is preferablyuser-selectable. In step 50, the timeout period elapses. The securityinterface is activated in step 52, preferably in response to a useractivating the device, e.g. turning on a power button.

[0050] Non-secure user-selected information preferably appears in thesecurity interface, which is preferably updated automatically in step54. In step 56, the security interface is refreshed with each update.Updates may be, for example, at regular intervals, at particular timesof day, or whenever information at a source changes. Other updatetimings are also possible without departing from the scope of thepresent invention. Security interface information is preferably updatedas new or updated information is received.

[0051] When the device is in its first state, the security interfacewould be substantially as shown in FIG. 3 or FIG. 5. It should beapparent that a security interface may include both information that isrefreshed and updated in accordance with an aspect of the invention, aswell as some static information. In FIG. 3 for example, the heading“NEWS:” may be static, whereas the headlines may be updated.

[0052] In step 58, the user attempts to access secure information.Although this step is shown in FIG. 6 at this point in the method, thisstep may take place at any point after the security interface has beenactivated. If the user does not attempt to access secure information,the device determines whether the user wishes to access additionalinformation related to displayed non-secure data (step 60). If thedevice determines that the user does want more detail, then, in step 62,the device will preferably display more detail in a new screen. In step64, the user will exit the detail screen when finished and the securityinterface will activate again. If, in step 58, the device determinesthat the user did not wish to access more detail, then the device willpreferably continue to display the security interface with the continualupdates.

[0053] If the user does attempt to access secure data, then the devicepreferably enters a second state, or security verification state. Inthis second state, a security password dialog box preferably activatesand prompts the user for verification in order to enter the user-setpassword in step 66. The security interface will appear substantially asshown in FIG. 3 or FIG. 5 when the device is in its second state.

[0054] In step 68, if the user does not enter a password, then in step70, a time for entering the password will elapse and in step 72, thedialog box will be cancelled and the device preferably returns to thefirst state. The device then continues with displaying and refreshingthe security interface with updated user-selected information.

[0055] If the user does enter a password, the device determines whetherthe user has entered the correct password in step 74. If the user doesnot enter the correct password, then in step 76, a dialog box preferablyappears warning the user that the password submitted was invalid. Thedevice then preferably displays the password dialog box again. In analternative embodiment, the device may also limit the number of timesthe user may re-enter the password incorrectly, to thereby provide afurther security feature.

[0056] If the user does enter the correct password in step 74, then thedevice preferably enters a third state, or full access state. In thisthird state, the device deactivates the controlled access state byexiting the security interface and refreshing the device display,preferably to the last application used by the user before the devicetime out (step 78). As a default setting, the device may refresh thedisplay to a main icon menu such as shown in FIG. 1C.

[0057] In a further embodiment, the device automatically opens a newmessage when the user enters the correct password to deactivate thesecurity interface after a new message notification, such as 15 (FIG. 2)for example, is generated by the device.

[0058]FIG. 7 is a block diagram illustrating an electronic deviceaccording to an embodiment of the present invention, including asecurity interface. FIG. 7 shows a representation of an electronicdevice 10, such as a mobile device according to an embodiment of thepresent invention. The device includes a user interface 4; a processor43; a communication module 42, such as a transceiver; and a memory 45.The user interface 4 preferably comprises a display, in which case thedisplay preferably comprises two sections: the security interface 12 andthe status area 13. The device also includes a security interfacesoftware module 44 that is executed by the processor 43. The securityinterface software module stores resources 48 in the memory 45, and canbe implemented in software and itself be stored in the memory 45 oranother memory. The memory preferably stores data including secure dataand non-secure data. Some of the data stored in the memory can bedivided into individual resources 48.

[0059] The security interface software module 44 preferably saves andindexes resources transmitted or received by the device 10 as well aselectronic resources local to the device. In an alternative embodiment,the security interface software module 44 may allow the user to selectresources to save or discard.

[0060] Each stored resource 48 preferably has a resource identifier orlocator 48A, a security level 48B, and resource data 48C. The locator48A, which may be a Uniform Resource Locator (URL), is used to provide asource from which to update the resource data 48C via the transceiver42. The security level 48B preferably determines whether the resourcedata 48C may be shown on the security interface 12. A security module ispreferably provided for distinguishing between secure data andnon-secure data stored in the memory based on the stored securitylevels.

[0061] The security level 48B may also determine whether accessingfurther information or updates to the resource data 48C requires a userto enter a password 46 for verification in order to show confidentialinformation. For example, if the user wishes to view information likethe weather, the password is not required because the security level isset to low. However if the user wishes to view Secure Data, the passwordis required because the security level is set to high. The password 46is preferably stored in memory 45. When a user enters a password, thedevice will compare it to the stored password 46.

[0062] In FIG. 7, the locators 48A are URLs used to conditionally updatethe resource data 48C displayed on the security interface 12 asuser-selected information elements 20, 22, and 24. The resource data 48Cmay be updated on the device 10 either by a push method to the device oran information pull method by the device 10 via the transceiver 42 overthe wireless network.

[0063] The invention can also be implemented in handheld communicationdevices, personal digital assistants (PDAs) with communicationfunctions, cellular telephones, wireless modems and one-way or two-waypagers, or any other mobile communications device or electronic deviceusing a password-accessed screen saver to prevent access to secure datawhile allowing access to non-secure data.

[0064] Although the communications module in FIG. 7 is illustrated as atransceiver, it may be any means suitable for updating resource data.For example, in the case of an electronic device that is not a wirelessdevice, the communications module can include an interface card, such asan Ethernet card. Also, the user interface can include not only adisplay, but also any other means by which the user can interface withthe resource data. These can include a microphone or speaker, a keyboardor keypad, a thumbwheel, or any other means allowing for either userinput or communication of information to a user.

[0065] The above-described embodiments of the present invention areintended to be examples only. Alterations, modifications and variationsmay be effected to the particular embodiments by those of skill in theart without departing from the scope of the invention, which is definedsolely by the claims appended hereto.

What is claimed is:
 1. A mobile device having a user interface, a memoryand a transceiver coupled to a processor, the device comprising: asecurity interface coupled to the processor for facilitating control ofuser access to data stored in the memory; the data stored in the memoryhaving stored security levels determining secure data and non-securedata, the control being based on the stored security levels; and thesecurity interface providing user access to the non-secure data, andrestricting access to the secure data based on the stored securitylevels.
 2. The device of claim 1 wherein the non-secure data includesuser-selected non-secure data.
 3. The device of claim 1 wherein thenon-secure data is automatically updated.
 4. The device of claim 1wherein the processor and the security interface co-operate to provide afirst state, a second state, and a third state; the first state beingactivated after a period of inactivity on the device and in which accessto the secure data is restricted and access to the non-secure data ispermitted; the second state being activated when a user attempts toaccess the secure data and in which security information is requestedfrom a user; and the third state being activated when the securityinformation input by the user is positively verified and in which fullaccess to the secure data is granted to the user.
 5. The device of claim1 wherein the data comprises resource information for a plurality ofresources.
 6. The device of claim 5 wherein the resource information foreach resource further comprises a resource identifier and resource data.7. The device of claim 6 wherein the resource identifier is a uniformresource locator (URL).
 8. The device of claim 1 wherein the securityinterface provides an indication of a change in the secure data withouta need for authentication.
 9. The device of claim 1 wherein the userinterface includes a display.
 10. An electronic device having aprocessor, a user interface coupled to the processor, a memory coupledto the processor for storing non-secure data and secure data, and acommunications module coupled to the processor for updating at leastsome of the non-secure data and the secure data, the device comprising:a security interface coupled to the processor for facilitating controlof user access to the non-secure data and the secure data; thenon-secure data and the secure data comprising a security level and thecontrol being based on stored security levels; and the securityinterface providing user access to automatically updated user-selectednon-secure data, and restricting access to secure data based on anauthentication process.
 11. A security interface for an electronicdevice having a user interface, a memory and a communications modulecoupled to a processor, the security interface comprising: a first dataaccess module for providing non-secure data to a user; an input modulefor receiving input from a user; an authentication module forauthenticating received input to control user access to the secure data;and a second data access module for providing the secure data to a userfollowing successful authentication.
 12. The security interface of claim11 wherein the non-secure data includes user-selected non-secure data.13. The security interface of claim 11 wherein the non-secure data isautomatically updated via the communications module.
 14. The securityinterface of claim 11 further comprising a security module fordistinguishing between secure data and non-secure data stored in thememory.
 15. The security module of claim 14 wherein the secure data andthe non-secure data are distinguished based on a stored security level.16. The security interface of claim 11 wherein the first data accessmodule comprises an indication module for providing an indication thatthe secure data has changed.
 17. The security interface of claim 11wherein the user interface includes a display and the security interfaceis displayed on the display.
 18. The security interface of claim 11wherein the input module is coupled to a keyboard for receiving inputtherefrom.
 19. A method of controlling user access to data on a mobiledevice, the mobile device having a user interface and a memory coupledto the user interface for storing secure data and non-secure data, themethod comprising the steps of: providing non-secure data via the userinterface; authenticating user access to the secure data in response toan authentication request; and permitting user access to the secure datain response to successful authentication.
 20. The method of claim 19wherein the non-secure data provided via the user interface comprisesuser-selected non-secure data.
 21. The method of claim 19 wherein thestep of authenticating comprises: prompting the user to enter securityinformation in response to a user attempt to access the secureinformation; and comparing the user's security information withpredetermined security information.
 22. The method of claim 21 whereinthe security information comprises a password.
 23. The method of claim21 wherein the step of prompting comprises displaying a dialog box onthe display.
 24. The method of claim 19 wherein the step ofauthenticating comprises a timeout period within which a user ispermitted to attempt authentication.
 25. The method of claim 19 whereinthe user interface includes a display and wherein the non-secure data isdisplayed in a security interface thereon.
 26. The method of claim 19further comprising the step of providing an indication on the display inresponse to a change in secure data.
 27. The method of claim 19 whereinin the user interface includes a display and the indication is displayedin a status area thereon.
 28. The method of claim 19 further comprisingthe step of automatically updating the non-secure data.
 29. The methodof claim 28 wherein the step of automatically updating is performed atregular intervals.
 30. The method of claim 20 wherein the user-selectednon-secure data comprises a plurality of user-selected informationtypes.
 31. The method of claim 30 wherein the plurality of user-selectedinformation types originate from a plurality of user-selected sources.32. The method of claim 19 wherein additional non-secure data isdisplayed in response to a user request for the additional non-securedata.
 33. The method of claim 32 wherein the additional non-secure datarelates to the non-secure data previously displayed.
 34. The method ofclaim 19 wherein the method is initiated after a predetermined period ofinactivity on the device.
 35. The method of claim 19 wherein the methodis initiated after a user-defined timeout period during which there isno input on the device.
 36. The method of claim 19 further comprisingthe step of displaying a last-accessed screen following the step ofpermitting user access to the secure data.
 37. The method of claim 19further comprising the step of opening a new message following the stepof permitting user access to the secure data when the indicationindicates the presence of the new message.
 38. The method of claim 19wherein the user-selected non-secure data comprises static informationthat is not updated.